US9075986B1ActiveUtility

Systems and methods for software application security management

83
Assignee: USAAPriority: Oct 19, 2006Filed: Aug 6, 2013Granted: Jul 7, 2015
Est. expiryOct 19, 2026(~0.3 yrs left)· nominal 20-yr term from priority
G06F 21/52H04L 63/10G06F 21/62G06F 21/45H04L 63/20G06F 21/31G06F 21/121G06F 21/50G06F 21/6245G06F 2221/2141G06F 21/554H04L 63/105G06F 2221/2149G06F 21/577G06F 21/53G06Q 20/4012H04L 63/0846
83
PatentIndex Score
6
Cited by
4
References
17
Claims

Abstract

Apparatus and method for managing password information associated with a service account are disclosed. In some embodiments, a service account management system is configured to include a security account utility and a password information data store. In some embodiments, a security account utility is used when registering, tracking, and adjusting password change information. In some embodiments, notification of a password change date is transmitted to a service account owner and a security auditor for enforcement. Use of a security account management system with a middleware application is also disclosed.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. An apparatus for security management, comprising:
 a subsystem including a service account including access information associated therewith; and 
 a service account management system configured to assess a risk for the service account, wherein the risk includes an operational risk level and a security risk level, the service account management system comprising: 
 a service account utility configured to include service account application code to communicate with the service account and to register a password change date associated with the access information; 
 a security record data store configured to retain a security record including an identifier associated with the service account and the password change date; and 
 a notification module configured to periodically check the security record for updated information and compliance with a security policy based on the operational risk level and the security risk level, and notify a user of the service account when the security record needs to be updated to comply with the security policy. 
 
     
     
       2. The apparatus of  claim 1 , wherein the service account management system is configured to provide audit information associated with the password change date. 
     
     
       3. The apparatus of  claim 1 , wherein the service account is coupled to a module including process code through a middleware application manager. 
     
     
       4. The apparatus of  claim 1 , wherein the service account management system is configured to track the password change date using the service account utility. 
     
     
       5. The apparatus of  claim 1 , wherein the service account utility is configured to process the password change date to generate another password change date. 
     
     
       6. A non-transitory machine-readable medium comprising machine-readable instructions that are executed by a processor to perform a security management method, comprising:
 associating, via a service account management system, a service account module with an adjustable timestamp; 
 assessing, via the service account management system, a risk for the service account module, wherein the risk includes an operational risk level and a security risk level; wherein the service account module includes access information; and wherein the service account management system includes: 
 a service account utility configured to include service account application code to communicate with the service account module and to register a password change date associated with the access information; 
 a security record data store configured to retain a security record including an identifier associated with the service account module and the password change date; and 
 a notification module configured to periodically check the security record for updated information and compliance with a security policy based on the operational risk level and the security risk level, and notify a user of the service account module when the security record needs to be updated to comply with the security policy. 
 
     
     
       7. The machine-readable medium of  claim 6 , wherein the service account module is coupled to another module including process code through a middleware application manager. 
     
     
       8. The machine-readable medium of  claim 6 , wherein the service account management system is configured to track the password change date using the service account utility. 
     
     
       9. The machine-readable medium of  claim 6 , wherein the service account utility is configured to process the password change date to generate another password change date. 
     
     
       10. The machine-readable medium of  claim 6 , wherein the service account management system is configured to provide notification of a pending password change date to a user. 
     
     
       11. A system for message delivery, the system comprising:
 a processor; 
 a storage device having instructions contained therein which are executed by the processor to: 
 use a service account management system to associate a service account module with an adjustable timestamp and assess a risk for the service account module, wherein the risk includes an operational risk level and a security risk level; 
 wherein the service account module includes access information; and 
 wherein the service account management system includes:
 a service account utility configured to include service account application code to communicate with the service account module and to register a password change date associated with the access information; 
 a security record data store configured to retain a security record including an identifier associated with the service account module and the password change date; and 
 a notification module configured to periodically check the security record for updated information and compliance with security policy based on the operational risk level and the security risk level, and notify a user of the service account module when the security record needs to be updated to comply with the security policy. 
 
 
     
     
       12. The system of  claim 11 , wherein the service account management system is configured to provide audit information associated with the password change date. 
     
     
       13. The system of  claim 11 , wherein the service account module is coupled to another module including process code through a middleware application manager. 
     
     
       14. The system of  claim 11 , wherein the service account management system is configured to track the password change date using the service account utility. 
     
     
       15. The system of  claim 11 , wherein the service account utility is configured to process the password change date to generate another password change date. 
     
     
       16. The system of  claim 11 , wherein the service account management system is configured to provide notification of a pending password change date to a user. 
     
     
       17. The system of  claim 11 , wherein a password maintenance schedule is generated based on the security policy.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.